I have a lab set up with ClearPass 6.1 and AOS 6.2. I am working on a configuration that redirects guest users to a captive portal, and authenticates them against a local guest user database - I set up an account with unlimited use and no expiration. I am also authenticating employees against an AD database. I have two SSIDs: employee and guest. This all seems to work fine.
What I want to be able to do is first try to MAC authenticate guest users when they connect, and then pass them through to the guest captive portal if MAC auth fails (i.e. they haven't connected in some period of time, say, 8 hours).
I would also like to be able to do something similar with employees connecting to the employee SSID if possible, except employees would be redirected to the AD server for authentication if MAC authentication fails.
I have been trying to lcoate suitable reference materials for this scneario, but have been unsuccessful. Any reference material, examples, guides, or guidance would be greatly appreciated.
Regards,
DAK